Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          grQtFVwvEEy7vZSkgNtgp4+eKJP8Uma42RyvEPRY7pg=
Subject key identifier:   83:5D:0C:E3:C6:F5:AA:78:EE:D5:DE:36:2F:41:6F:1A:DB:C5:F7:8C
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       01965191E5BCABFAE56656CB6B27106DE0B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          030B
Signing time:             Sun 20 Apr 2025 05:00:37 +0000
Manifest this update:     Sun 20 Apr 2025 05:00:37 +0000
Manifest next update:     Mon 21 Apr 2025 05:00:37 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: I2pP8bsti5FeWSN41hNA0e/1/E+3Z+RvJNM23zxYUHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 05:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:91:e5:bc:ab:fa:e5:66:56:cb:6b:27:10:6d:e0:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Apr 20 05:00:37 2025 GMT
            Not After : Apr 21 05:00:37 2025 GMT
        Subject: CN=835d0ce3c6f5aa78eed5de362f416f1adbc5f78c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ab:7f:5f:38:d3:b5:97:98:5a:9a:cd:d1:78:
                    de:08:6c:79:68:50:49:7e:cb:cd:22:50:42:56:69:
                    c9:2c:2f:50:6b:96:84:39:12:6a:47:60:f1:ba:61:
                    08:50:5b:33:05:41:87:c8:d4:a8:37:7b:df:b2:a5:
                    b5:f4:7f:5d:3f:ec:ad:18:a4:86:b1:9f:ed:14:1b:
                    b2:ef:cb:61:03:7d:18:c2:44:5c:65:42:7c:8b:fc:
                    fe:37:5a:15:c6:f2:09:21:00:7a:27:ba:eb:c2:94:
                    a9:bb:c7:42:02:cb:26:22:25:0b:5a:00:2b:81:99:
                    9a:47:85:a4:4e:c3:a8:23:ba:6c:a8:3d:ef:4e:08:
                    a9:08:c5:dd:b4:3d:c1:01:15:f7:b5:6f:48:8a:c2:
                    ed:63:06:f4:60:11:2d:c9:f2:5c:75:c6:61:d2:b2:
                    c5:1a:a8:50:6d:29:4c:2a:74:43:88:df:6f:32:5e:
                    7d:fb:c2:a0:c9:59:0a:72:cd:fb:b5:58:2e:80:45:
                    b8:c4:32:30:07:c0:a4:44:9e:10:68:af:49:d7:bd:
                    52:9d:be:71:e2:a1:e2:15:9a:7c:3a:34:a5:76:ed:
                    5a:4d:4c:6e:17:70:01:ca:d8:ed:9b:e9:ec:3e:2e:
                    d5:ed:31:ea:73:24:9a:c6:3c:dd:d8:34:30:10:8f:
                    c9:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:5D:0C:E3:C6:F5:AA:78:EE:D5:DE:36:2F:41:6F:1A:DB:C5:F7:8C
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:c5:ca:c9:56:13:0f:22:3b:0d:49:27:a9:75:d0:0d:ba:d1:
         62:64:4b:99:d9:0f:47:5f:f3:73:9e:77:f2:32:2d:65:31:40:
         20:d8:02:77:e2:2b:43:e9:d5:d9:b8:f5:ec:a0:44:0a:13:f2:
         8c:df:2f:2c:6a:1b:f0:6e:32:38:ec:ab:b1:21:13:7f:70:be:
         63:7b:0a:da:79:ff:7f:3e:3b:68:87:af:c4:96:7a:ca:0b:0f:
         07:77:b6:6e:fd:2d:90:35:63:ef:6f:b7:f9:1b:0a:2a:3f:02:
         5b:15:69:19:fe:c1:b4:6f:af:8b:61:43:cc:23:d0:a3:71:ef:
         b9:c3:47:57:e7:2f:76:b2:27:2f:79:8f:33:43:62:2a:1b:2a:
         72:a6:3c:75:6a:f2:95:9a:ae:cb:93:ea:40:80:cb:9a:93:29:
         c0:b0:ac:67:44:b7:ac:17:ed:20:8d:61:0b:3b:da:8f:e5:ab:
         d7:71:8c:c7:61:59:b6:10:fa:7b:34:f0:67:e8:af:b5:fb:bc:
         cf:78:3e:9a:37:a0:c2:0e:74:01:2e:29:e7:24:58:c8:38:35:
         fc:4d:ba:a8:17:a8:7e:48:f8:be:a8:03:92:50:58:e8:5d:fe:
         dd:6e:2e:46:33:19:c3:7e:4b:b5:69:0e:c5:33:c4:ec:86:41:
         9c:59:39:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRkeW8q/rlZlbLaycQbeC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUwNDIwMDUwMDM3WhcNMjUwNDIxMDUwMDM3WjAzMTEwLwYDVQQD
Eyg4MzVkMGNlM2M2ZjVhYTc4ZWVkNWRlMzYyZjQxNmYxYWRiYzVmNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuat/XzjTtZeYWprN0XjeCGx5aFBJ
fsvNIlBCVmnJLC9Qa5aEORJqR2DxumEIUFszBUGHyNSoN3vfsqW19H9dP+ytGKSG
sZ/tFBuy78thA30YwkRcZUJ8i/z+N1oVxvIJIQB6J7rrwpSpu8dCAssmIiULWgAr
gZmaR4WkTsOoI7psqD3vTgipCMXdtD3BARX3tW9IisLtYwb0YBEtyfJcdcZh0rLF
GqhQbSlMKnRDiN9vMl59+8KgyVkKcs37tVgugEW4xDIwB8CkRJ4QaK9J171Snb5x
4qHiFZp8OjSldu1aTUxuF3ABytjtm+nsPi7V7THqcySaxjzd2DQwEI/JTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINdDOPG9ap47tXeNi9BbxrbxfeMMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjsXKyVYT
DyI7DUknqXXQDbrRYmRLmdkPR1/zc5538jItZTFAINgCd+IrQ+nV2bj17KBEChPy
jN8vLGob8G4yOOyrsSETf3C+Y3sK2nn/fz47aIevxJZ6ygsPB3e2bv0tkDVj72+3
+RsKKj8CWxVpGf7BtG+vi2FDzCPQo3HvucNHV+cvdrInL3mPM0NiKhsqcqY8dWry
lZquy5PqQIDLmpMpwLCsZ0S3rBftII1hCzvaj+Wr13GMx2FZthD6ezTwZ+ivtfu8
z3g+mjegwg50AS4p5yRYyDg1/E26qBeofkj4vqgDklBY6F3+3W4uRjMZw35LtWkO
xTPE7IZBnFk5sw==
-----END CERTIFICATE-----